Multi-environment deployment of ActiveGate

If you've set up several monitoring environments, it might be cumbersome to install and maintain multiple ActiveGates. Therefore, Dynatrace enables you to configure a single ActiveGate in support of multiple monitoring environments. Such an ActiveGate is referred to as a multi-environment ActiveGate.

This kind of configuration significantly reduces the maintenance and setup overhead. Thanks to this feature, you don't need to deploy multiple ActiveGates and don't need to adjust firewall settings for each additional Environment ActiveGate. Multi-environment ActiveGates are capable of handling all traffic from all the environments they are associated with.

Limitations

You cannot use an Environment ActiveGate configured for multi-environment support to:

Connect to environments from different clusters
Install the zRemote module for z/OS monitoring
Monitor remote technologies with extensions, including both Extensions 2.0 framework and Extensions 1.0
Execute monitors from private Synthetic locations
Run Database insights
Connect to Dynatrace using AWS PrivateLink

All other ActiveGate features are supported.

To configure an existing Environment ActiveGate for multi-environment support

Make sure that the ActiveGate modules that are incompatible with multi-environment operation are disabled. Which module is actually installed and enabled varies based on the purpose for which the ActiveGate was originally installed. Only one of the following modules can be present on the ActiveGate. However, if in doubt, disabling (and then removing) all of these particular modules at this point is acceptable:
- ActiveGate Extensions 1.0—disabled in the [rpm] section
- ActiveGate Extensions 2.0—disabled in the [extension_controller] section
- zRemote—disabled in the [zremote] section
- Synthetic 1.0—disabled in the [synthetic] section
To disable the modules, locate the custom.properties file, in the configuration directory, and make sure that the corresponding configuration properties are set to false:
```
[rpm]
rpm_enabled = false

[zremote]
zremote_enabled = false

[synthetic]
synthetic_enabled = false

[extension_controller]
extension_controller_enabled = false
```
Make sure that the ActiveGate modules that are incompatible with multi-environment operation have been uninstalled.
- For Linux—execute one of the following commands, depending on which module needs to be uninstalled. If in doubt, execute all of the commands: If the commands are found, the respective modules will be uninstalled. If the commands are not found, it means that the modules are not present:
```
sudo /opt/dynatrace/remotepluginmodule/uninstall.sh
sudo /opt/dynatrace/zremote/uninstall.sh
sudo /opt/dynatrace/synthetic/uninstall.sh
```
- For Windows: locate and uninstall the following applications, if installed:
  - Dynatrace Remote Plugin Module
  - Dynatrace ZRemote
  - Dynatrace Synthetic
In the ActiveGate configuration directory, locate the authorization.properties file and familiarize yourself with the content.
The authorization.properties file defines ActiveGate authorization for each environment as identified by the environment ID. ActiveGate authorizes via tenant token and individual ActiveGate token. One and only one of the sections will contain the property mainTenant = true. This is for the environment from which the ActiveGate was downloaded and installed. Do not remove this section or this entry. Do not remove any other sections—relating to other environments—unless you do not want the ActiveGate to support those particular environments anymore.

Format of the entries in authorization.properties:
```
[<environment_ID>]
tenantToken = <tenant_token>
mainTenant = true     # identifies environment from which the ActiveGate was downloaded
authToken = <individual_ActiveGate_token>
```
For example:
```
[mySampleEnv]
tenantToken = abcdevjhij1234567890
authToken = dt0g01.HVMTLRLZ.1234567890ZYXWVUTSRQPONMLKJIHGFEDCBA01234567890ABCDEFGHIGKLMNOPQ
mainTenant = true
```
To create an individual ActiveGate token, see Generate ActiveGate token.
To add more environments, add new sections to the authorization.properties file.
List each Dynatrace environment you want the Environment ActiveGate to support. Use the following format:
```
[<environment_ID>]
tenantToken = <tenant_token>
mainTenant = true
authToken = <individual_ActiveGate_token>

[<environment_ID>]
tenantToken = <tenant_token>
authToken = <individual_ActiveGate_token>
```
For example:
```
[mySampleEnv]
tenantToken = abcdevjhij1234567890
authToken = dt0g01.HVMTLRLZ.1234567890ZYXWVUTSRQPONMLKJIHGFEDCBA01234567890ABCDEFGHIGKLMNOPQ
mainTenant = true

[myAnotherEnv]
tenantToken = 0987654321jijvedcba
authToken = dt0g01.HVMTLRLZ.1234567890ZYXWVUTSRQPONMLKJZYXWVUTSRQPONMLKJIHGFE56GHMNO890ZABCD
```
Ensure consistent configuration
For correct operation, you must ensure that:
All environments that are to be supported by the same Environment ActiveGate run on the same Dynatrace Cluster.
The main environment, associated with the mainTenant configuration property, is correctly configured. Incorrect configuration of the main environment will result in the rejection of the ActiveGate in all configured environments: An error will be logged in the ActiveGate logs, with information stating that mainTenant configuration is invalid, and the ActiveGate will not appear on the Deployment Status pages on any of the environments.
Save the authorization.properties file and restart the ActiveGate main service.
Verify that the new environments have been added successfully.
The ActiveGate log file should contain the entry listing the number of environments that the ActiveGate is working with, for example:
```
Working mode is set to MULTITENANT with 5 tenant(s).
```
If the log message does not list the number of environments that you have attempted to configure, scan the log file for entries indicating an error in the authorization.properties file. Error messages appear in this form:
```
Error during parsing config file `...\conf\authorization.properties` - invalid configuration: ...
```